It can either be that, or just that they are known to be common (or merely known to be used) passwords people use. Generally you could use a simple English dictionary plus common alterations (passw0rd, password1). So, kinda heuristics but also very broad spectrum.

The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
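The "dictionary plus common alterations" idea from the post above, turned around for the defender: an added example, not code from the thread, that rejects a new password if it reduces to a deny-listed word. The deny list, the substitution table and the function names are all constructed for illustration.

```python
import re

# Constructed sample deny list; a real deployment would load a dictionary
# plus a list of known-common passwords instead.
DENY_LIST = {"password", "dragon", "letmein", "monkey", "football"}

# Common character substitutions, mapped back to the letter they stand for.
# Assumption: one letter per symbol ("1" is treated as "l", never "i").
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def base_forms(candidate: str) -> set[str]:
    """Return the normalized forms that a dictionary-with-alterations guess covers."""
    lowered = candidate.lower()
    # Strip trailing digits/symbols (password1, password123!) before undoing
    # substitutions, because "1" may be a suffix rather than a leet "l".
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    forms = {lowered, stripped,
             lowered.translate(LEET), stripped.translate(LEET)}
    # Also strip leading digits/symbols (123monkey).
    forms |= {re.sub(r"^[\d\W_]+", "", f) for f in set(forms)}
    forms.discard("")
    return forms


def is_guessable(candidate: str, deny_list: set[str] = DENY_LIST) -> bool:
    """True if the candidate reduces to a deny-listed word."""
    return not base_forms(candidate).isdisjoint(deny_list)


if __name__ == "__main__":
    for pw in ["passw0rd", "password1", "P@ssw0rd123!", "Dr4g0n!",
               "123monkey", "xk7Qm2vT9p"]:
        print(f"{pw!r}: {'reject' if is_guessable(pw) else 'accept'}")
```
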

KthProg wrote: -_- how do they choose the words for these dictionaries I mean? Is it based on heuristics? Common passwords?

Usually, depending on your victim, you can try different dictionaries that have different words in them.

For example, if you were to try and brute-force a password that belongs to someone from the UK, you would load up a dictionary that has UK slang in it. If you were to use a dictionary attack on someone from China, you would want Chinese words in your dictionary. The dictionaries themselves usually contain thousands of commonly used passwords. The passwords for wordlists are usually dumped from large databases on websites via SQLi; this gives you a realistic approach on what passwords are being used.

1. No system is safe. 2. Aim for the impossible. 3. Have fun in cyberspace and meatspace.

Nifty lollll
So somehow you get ahold of a database of previously (or currently) used passwords and put them all in a text file lol
I'd be a bigger fan of the more reliable approach, i.e. trying all combinations, and focusing on optimization.
But of course you're prolly less likely to get caught with a dictionary and I could definitely see how that would be useful on a large number of users

I don't think it would be inefficient or slow if it were optimized.
You just have to make sure that it leans towards certain vowel/consonant combinations that are actually valid and common in the English language.
So instead of a word list you'd use a vowel-consonant combinations list.
ae - aemoeba
ai - laid
ea - beans
ee - beef
ei - idk...lol
ie - lie
io - lion
oa - boar
oi - loins
ou - mouth
ue - quest
ui - squid
uo - duo
^ these may only be preceded and followed by a consonant
vowel combinations starting with u may only be preceded by a q

ll
sh
ch
nd
ct
gr
br
tr
pr
cr
cl
you get the idea.

Basically make rules that say only these combinations (and a few others) are valid, sort them by their likelihood of occurrence, then start cracking.

how appropriate 0_o muahahaha lol
reign o'er the accounts of the interweb
Also, I'm not sure how most brute forcers work, but I'd think the best way to do it if you wanted it to be fast (not pretty) would be nesting for each statements iterating through an array of valid symbols and letters. 16 nested for each statements will iterate through every possible 16 character password. Maybe I'll even try that real quick to see how long it takes. My bet is about 3 minutes, maybe not even that long.